[121863] in North American Network Operators' Group
Re: DDoS mitigation recommendations
daemon@ATHENA.MIT.EDU (Tony Varriale)
Fri Jan 29 00:00:20 2010
From: "Tony Varriale" <tvarriale@comcast.net>
To: <nanog@nanog.org>
Date: Thu, 28 Jan 2010 22:59:22 -0600
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
From: "Tom Sands" <tsands@rackspace.com>
Cc: <nanog@nanog.org>
Sent: Thursday, January 28, 2010 6:01 AM
Subject: Re: DDoS mitigation recommendations
>
>> -----Original Message-----
>> From: David Freedman [mailto:david.freedman@uk.clara.net]
>> Sent: Tuesday, January 26, 2010 8:17 AM
>> To: nanog@nanog.org
>> Subject: Re: DDoS mitigation recommendations
>>
>>> Arbor stuff comes to mind and works very well in our experiences....
>>
>> Arbor++
>>
>>
>
> We've already done an initial trial with the Arbor device, and it does
> work well. Our biggest sticking point with it is that it lacks the
> granular level of visibility and control that we've been used to and
> often needed to tweak profiles. Basically, it does what it's supposed
> to well, but you really can't tell what that is, and if it's not
> catching all of a DDoS you have little insight as to what's being missed
> or control to correct it.
>
> Thank you,
>
> Tom Sands
> Chief Network Engineer
> Rackspace
Out of curiousity, what's your baseline or "that we've been used"?
tv
